If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Threaded View

Form Spam

Hey Guys,

I'm here to seek the help of some experts.

I have been receiving spam through one of my websites contact form. I can't understand why this person is spamming me, as they never include a link to their page, just a name, and a fake/random email address. The form emails the contents anyways, so it would never post to my website even if they were.

Here are the steps I have taken:
Manually reviewed IP address, and blocked all from spammer. They get a new IP within minutes. All different states and different ISPs.
Reviewed and blocked common referrer's. This has rendered pointless as they have a new referrer with each submission.
Set CloudFlare to the highest security setting possible.
Inserted a manual blacklist blocking common fake email domains they were using (123.com, gov.com, abc.com, etc.)
Changed internal CAPTCHA to ReCAPTHCA.
Using "hidden field" spam prevention.
Used HTAccess to block most proxy services. Again, pointless.

There are no patterns to the submissions. Fake names, and fake emails, along with new referrers, new IPs, new User-Agents. It's making me go insane.

All of my checks are done client side, and checked again server side in the event javascript is disabled.

For the life of me, I cannot figure out how to block this person, or understand why they are spamming me to begin with. I thought maybe it was referrer spam, but my logs are not accessible, and the referrer's site can also be generic, like Yahoo. The only reason I can tell it is the same person, is because the volume, and the fact that the names always have a middle initial, and the emails are always capitalized the same way "FirstMLast@Somedomain.com".

I manage over 300 sites, similar in product and audience and all using the same form code, and this is the only site experiencing this issue.

It started out as annoying, but now it has become problematic, as my sales staff is having to filter through dozens of these a day, to find out that they are not legitimate request.